Moving to OAuth 2.0 in valence and having some questions about Token, refresh Tokens etc...
Hi all,
I've finally decided to start looking to move the Valence authentication module I started on my side back in 2012 to oAuth 2.0…
I have a few questions while looking at the redesign of the internal library… and it is about the authentication, the life of the Token and refresh Tokens.
When I authenticate to
https://auth.brightspace.com/oauth2/auth
My understanding is that the system will provide me with a token and a refresh token.
The Refresh token can be used to renew the token at
https://auth.brightspace.com/core/connect/token
This link will also provide a new token for me to continue using and refresh in the future, should I need to.
I want to know more about what happens to the token when a refresh token or token should another authentication takes place.
ie, I have
program 1, using oAuth with clientID 1 to get a token, it is processing its tasks (takes about 4 hours), it refreshes its token while it is running during that 4 hour period…
program 2, using oAuth with clientID 1 to get another token, it is processing something else that takes 30 mins.. will also handle its own token refreshes.
Will the program that is run first be nullified by the program that is run second? Or will the system fully acknowledge the two authentication?
From what I've experienced via Postman so far, getting the initial token seems to require user authentication. Is there a way to bypass this?
If not, let's say a token expires. Can it still be refreshed?
Thanks in Advance,
Sc.